Looking at the pre-SessionManager token checking, it's apparently valid
to log in despite user_token being empty. The stored token just gets
compared against the empty string that got returned previously.
This also cleans up some checks that assumed $user->getToken() didn't
automatically create the token if one wasn't already set.
Bug: T125114
Change-Id: Ia3d2382e96e2a0146f33fb7193a2e00ea72e51a0
// Ensure the user has a token
// @codeCoverageIgnoreStart
$anon = $this->user->isAnon();
// Ensure the user has a token
// @codeCoverageIgnoreStart
$anon = $this->user->isAnon();
- if ( !$anon && !$this->user->getToken() ) {
+ if ( !$anon && !$this->user->getToken( false ) ) {
$this->logger->debug(
"SessionBackend $this->id creating token for user {$this->user} on save"
);
$this->logger->debug(
"SessionBackend $this->id creating token for user {$this->user} on save"
);
// Reset the user's token to kill existing sessions
$user = User::newFromName( $username );
// Reset the user's token to kill existing sessions
$user = User::newFromName( $username );
- if ( $user && $user->getToken() ) {
+ if ( $user && $user->getToken( false ) ) {
$user->setToken( true );
$user->saveSettings();
}
$user->setToken( true );
$user->saveSettings();
}
/**
* Return the user token
/**
* Return the user token
*/
public function getToken() {
*/
public function getToken() {
- return $this->user === null || $this->user->getId() === 0 ? null : $this->user->getToken( true );
+ return $this->user === null || $this->user->getId() === 0 ? '' : $this->user->getToken( false );
$this->assertTrue( $userinfo->isVerified() );
$this->assertSame( 0, $userinfo->getId() );
$this->assertSame( null, $userinfo->getName() );
$this->assertTrue( $userinfo->isVerified() );
$this->assertSame( 0, $userinfo->getId() );
$this->assertSame( null, $userinfo->getName() );
- $this->assertSame( null, $userinfo->getToken() );
+ $this->assertSame( '', $userinfo->getToken() );
$this->assertNotNull( $userinfo->getUser() );
$this->assertSame( $userinfo, $userinfo->verified() );
$this->assertSame( '<anon>', (string)$userinfo );
$this->assertNotNull( $userinfo->getUser() );
$this->assertSame( $userinfo, $userinfo->verified() );
$this->assertSame( '<anon>', (string)$userinfo );
$this->assertFalse( $userinfo->isVerified() );
$this->assertSame( $user->getId(), $userinfo->getId() );
$this->assertSame( $user->getName(), $userinfo->getName() );
$this->assertFalse( $userinfo->isVerified() );
$this->assertSame( $user->getId(), $userinfo->getId() );
$this->assertSame( $user->getName(), $userinfo->getName() );
- $this->assertSame( null, $userinfo->getToken() );
+ $this->assertSame( '', $userinfo->getToken() );
$this->assertInstanceOf( 'User', $userinfo->getUser() );
$userinfo2 = $userinfo->verified();
$this->assertNotSame( $userinfo2, $userinfo );
$this->assertInstanceOf( 'User', $userinfo->getUser() );
$userinfo2 = $userinfo->verified();
$this->assertNotSame( $userinfo2, $userinfo );
$this->assertTrue( $userinfo2->isVerified() );
$this->assertSame( $user->getId(), $userinfo2->getId() );
$this->assertSame( $user->getName(), $userinfo2->getName() );
$this->assertTrue( $userinfo2->isVerified() );
$this->assertSame( $user->getId(), $userinfo2->getId() );
$this->assertSame( $user->getName(), $userinfo2->getName() );
- $this->assertSame( null, $userinfo2->getToken() );
+ $this->assertSame( '', $userinfo2->getToken() );
$this->assertInstanceOf( 'User', $userinfo2->getUser() );
$this->assertSame( $userinfo2, $userinfo2->verified() );
$this->assertSame( "<+:{$user->getId()}:{$user->getName()}>", (string)$userinfo2 );
$this->assertInstanceOf( 'User', $userinfo2->getUser() );
$this->assertSame( $userinfo2, $userinfo2->verified() );
$this->assertSame( "<+:{$user->getId()}:{$user->getName()}>", (string)$userinfo2 );
$this->assertFalse( $userinfo->isVerified() );
$this->assertSame( $user->getId(), $userinfo->getId() );
$this->assertSame( $user->getName(), $userinfo->getName() );
$this->assertFalse( $userinfo->isVerified() );
$this->assertSame( $user->getId(), $userinfo->getId() );
$this->assertSame( $user->getName(), $userinfo->getName() );
- $this->assertSame( null, $userinfo->getToken() );
+ $this->assertSame( '', $userinfo->getToken() );
$this->assertSame( $user, $userinfo->getUser() );
$userinfo2 = $userinfo->verified();
$this->assertNotSame( $userinfo2, $userinfo );
$this->assertSame( $user, $userinfo->getUser() );
$userinfo2 = $userinfo->verified();
$this->assertNotSame( $userinfo2, $userinfo );
$this->assertTrue( $userinfo2->isVerified() );
$this->assertSame( $user->getId(), $userinfo2->getId() );
$this->assertSame( $user->getName(), $userinfo2->getName() );
$this->assertTrue( $userinfo2->isVerified() );
$this->assertSame( $user->getId(), $userinfo2->getId() );
$this->assertSame( $user->getName(), $userinfo2->getName() );
- $this->assertSame( null, $userinfo2->getToken() );
+ $this->assertSame( '', $userinfo2->getToken() );
$this->assertSame( $user, $userinfo2->getUser() );
$this->assertSame( $userinfo2, $userinfo2->verified() );
$this->assertSame( "<+:{$user->getId()}:{$user->getName()}>", (string)$userinfo2 );
$this->assertSame( $user, $userinfo2->getUser() );
$this->assertSame( $userinfo2, $userinfo2->verified() );
$this->assertSame( "<+:{$user->getId()}:{$user->getName()}>", (string)$userinfo2 );